CN108292332B - Extending federated graphs with third-party data and metadata - Google Patents
Extending federated graphs with third-party data and metadata Download PDFInfo
- Publication number
- CN108292332B CN108292332B CN201680069965.3A CN201680069965A CN108292332B CN 108292332 B CN108292332 B CN 108292332B CN 201680069965 A CN201680069965 A CN 201680069965A CN 108292332 B CN108292332 B CN 108292332B
- Authority
- CN
- China
- Prior art keywords
- service
- facet
- network
- network service
- federated
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
Techniques for extending a federated graph with third-party data or metadata are described herein. The federated facet provider service registers with the federated graph provider service as a provider of facets to resources in the graph. For example, the federated facet provider may provide a callback URL or a URI template for parsing the callback URL. When the federated graph provider service receives a request for a facet from a service client, the federated graph provider service determines a callback network address for the federated facet provider service and obtains an authentication token for the federated facet provider service. A response is provided to the service client that causes the service client to redirect, using the authentication token, to a federated facet provider service for obtaining the requested facet. The federated facet provider service provides the requested facet directly to the service client.
Description
Background
Computing systems currently exist that provide a unified interface to access information provided by numerous data providers. For example, a web service may provide a unified web service application program interface ("API"), such as a unified web service API, that exposes relevant data controlled by numerous other federated data providers, such as other web services operated by the same entity.
When a request is received at such an API, the requested data is obtained from other federated data providers, combined, and provided as a single unified response to the request. By implementing a unified API for accessing data in this manner, a single request can be conveniently made to obtain data from many different federated data providers. The collection of content available from various data providers in such systems is generally referred to as a "property graph," or more simply a "graph. One example is microsoft GRAPH, offered by microsoft corporation, which is currently accessible at GRAPH.
Systems for providing access to such graphs frequently use an "owner + decorator" model, where a given resource or entity in a graph is controlled by a single web service and is "decorated" with additional data by other federated web services operated by the same entity. For example, a network service may be utilized to control certain information about network users. Other federated "decorator" web services may also be utilized to "decorate" user information with additional information about network users.
Systems that utilize an "owner + decorator" model to provide uniform access to property graphs tend to work well with a relatively small number of "decorator" web services. However, when a large number (e.g., hundreds or thousands) of "decorator" web services are utilized, the "owner + decorator" model may fail. Thus, third parties (i.e., parties other than the supplier or consumer of the attributed graph) are generally not allowed to integrate their web services as "decorators" of data in such graphs.
As mentioned briefly above, the various web services (e.g., the "control" web service and the various "decorator" web services) used to implement the "owner + decorator" model that provides access to the property graph are typically operated by the same entity. Third party providers of "decorator" web services may be highly reluctant to associate their web services with such entities for network security reasons. For example, a third party provider of a "decorator" web service may not want to compromise the security of its data by providing the data to entities operating various web services that implement the "owner + decorator" model.
The disclosure made herein is presented in relation to these and other considerations.
Disclosure of Invention
Techniques for extending a federated graph with third-party data and metadata are described herein. By implementing the techniques disclosed herein, any large number of third-party provided "decorator" web services can be utilized to decorate the data contained in the property graph accessible through the unified web services API. Moreover, implementing the techniques disclosed herein may enable third-party "decorator" web services to be integrated with federated graphs in a manner that does not compromise the security or governance of data maintained by the third-party. Technical benefits different from those specifically identified herein may also be achieved through implementation of the disclosed techniques.
According to one configuration disclosed herein, a web service, referred to herein as a "federated graph provider service," provides a unified web service API for exposing data for access in a graph. For example, and without limitation, the federated graph provider service may expose a web service API through which service clients may obtain data from the graph. In response to a request for data, the federated graph provider service may obtain and combine data from multiple other federated data providers, such as a "decorator" web service operated by the same entity that operates the federated graph provider service.
The federated graph provider service may also provide functionality for integrating with "decorator" web services provided by third parties, referred to herein as a "federated facet (facet) provider service," or more generally, a "facet provider service. As briefly discussed above, the federated graph provider service may be integrated with a federated facet provider in a manner that allows for the use of an arbitrarily large number of federated facet provider services, as well as in a manner that does not compromise the security and governance of the data maintained by the federated facet provider service.
To enable this functionality, the federated facet provider service first registers with the federated graph provider service as a provider for a particular facet. For example, in the example described above, where the map holds data about the user, the area may be any arbitrary information about the user identified in the map, such as the size of the user's shoes or hat. A facet may be associated with a resource in a graph through data or metadata associated with a federated facet provider service and a federated graph provider service.
The federated facet provider service operates in a network (which may be referred to herein as a "facet provider network") that is different from the network in which the federated graph provider service operates (which may be referred to herein as a "graph provider network"). Additionally, the entity operating the federated graph provider service and the entity operating the federated facet provider service have a federated relationship. In some configurations, through this relationship, an entity operating the federated graph provider service may issue an authentication token that allows a user to access the federated facet provider service. Additional details regarding this mechanism are discussed below.
In one particular configuration, the federated facet provider service registers as a facet provider with the federated graph provider service by: a unique service identifier ("ID") associated with the federated facet provider service is provided along with a callback network address, such as a uniform resource locator ("URL"), for the federated facet provider service. This registration mechanism is referred to herein as "basic registration".
In another configuration, the federated facet provider service registers as a facet provider with the federated graph provider service by: a unique service ID associated with the federated facet provider service is provided along with a uniform resource identifier ("URI") template. As will be discussed in more detail below, the URI template may be utilized to parse a callback URL for retrieving the requested facet from the federated facet provider service at query time. This registration mechanism may be referred to herein as "advanced registration".
Once the federated facet provider has registered with the federated graph provider service, the facet provider service may be used as a data provider for a particular facet. For example, in one configuration, a federated graph provider service receives a request from a service client for a facet of a resource in a graph. As mentioned above, such requests may be received via a network service API, such as a web service API. The request includes data identifying a location in the resource map and a unique ID associated with the federated facet provider that provided the facet.
In response to receiving such a request, the federated graph provider service identifies a network address of a network service API (e.g., network service) exposed by the federated facet provider service that registers with the federated graph provider service to provide the facet. For example, when the basic registration mechanism described above has been utilized, the federated graph provider service may utilize a unique ID associated with the federated facet provider service to retrieve a previously stored callback URL for the federated facet provider service.
When the advanced registration mechanism described above has been utilized, the federated graph provider service may utilize the unique ID associated with the federated facet provider service to obtain a URI template for the federated facet provider service. The federated graph provider service may then parse the URI template to generate a network address of a web service API (e.g., a web service API), which is exposed by the federated facet provider service for obtaining the requested facet.
The federated graph provider service also obtains an authentication token that can be utilized by the requesting service client to authenticate the federated facet provider service. As discussed briefly above, the federated graph provider service and the federated facet provider service have a federated relationship, and as such, the federated graph provider service is authorized to generate or otherwise obtain an authentication token that the service client can utilize to authenticate the federated facet provider service.
In one configuration, the federated graph provider service provides a response to a request received from a service client that instructs the service client to perform a redirection to a network address of a network service API exposed by the federated facet provider service for obtaining the facet. The response also includes an authentication token, which the service client can utilize to authenticate the federated facet provider service. In turn, the service client redirects its request to the federated facet provider service and includes an authentication token provided by the federated graph provider service with the request. The federated facet provider service receives the request, validates the authentication token, and, if validated, provides the requested facet to the service client.
In another configuration, the federated graph provider service is configured to utilize the callback URL and authentication token of the federated facet provider service to obtain the requested facet from the federated facet provider service itself. In this configuration, the federated graph provider service retrieves the requested facet from the federated facet provider service and returns the facet directly to the service client. In this configuration, no redirection of the service client to the federated facet provider service is required, thereby enabling the retrieval of the requested facet to be performed more quickly, but at the expense of data governance. Additionally, in this configuration, the federated graph provider service may also provide, in response to such a request, other information associated with graph resources obtained from federated network services within the graph provider network.
In some configurations, the federated graph provider service exposes a network service API (e.g., a web service API) through which callers may obtain information about the facet. For example, the federated graph provider service may receive a request for information about a facet that includes a unique service ID of the registered federated facet provider service. The federated graph provider service may utilize a unique ID associated with the federated facet provider service to obtain information about the requested facet. The requested information about the facet may then be returned in response to the request for information. The information about the facet may include, but is not limited to, a unique service ID associated with the federated facet provider service, a name of an entity operating the federated facet provider service, a textual description of the facet, and/or details about an authentication token used to authenticate the federated facet provider service.
In some configurations, the federated graph provider service exposes a network interface API (e.g., a network service API) through which callers may obtain data identifying particular facets associated with resources in the graph. For example, and without limitation, a request to such an API may identify a resource in a graph. In response thereto, a facet associated with the identified resource may be identified and information regarding the facet may be provided in reply to the request. This information may include, for example, a unique service ID associated with each facet, data identifying the entity operating the associated federated facet provider service, a textual description of the facet, a callback URL for the associated federated facet provider service, and/or details about the authentication token used to authenticate the federated facet provider service.
In some configurations, the federated graph provider service, the federated facet provider service, and the service clients are located in different geographic locations. In one particular example, for example, the federated graph provider service is located in the united states, the federated facet provider service is located in germany, and the service client is located in france. In this example, the service client may utilize the mechanisms described above to make requests for sensitive data that is not allowed to leave the european union ("EU") boundary. The request may be for a federated graph provider service located in the united states, but will be redirected to a federated facet provider service located in germany. Thus, a service client located in france retrieves data from a federated facet provider service located in germany without the data leaving the EU boundary. As mentioned above, other technical benefits may be achieved from implementation of the techniques disclosed herein.
It should be appreciated that the above-described subject matter may be implemented as a computer-controlled apparatus, a computer process, a computing system, or as an article of manufacture such as a computer-readable medium. These and various other features will be apparent from a reading of the following detailed description and a review of the associated drawings.
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended that this summary be used to limit the scope of the claimed subject matter. Furthermore, the claimed subject matter is not limited to implementations that solve any or all disadvantages noted in any part of this disclosure.
Drawings
FIG. 1 is a network diagram illustrating aspects of several mechanisms for registering a federated facet provider service with a federated graph provider service in accordance with one configuration disclosed herein;
FIG. 2 is a flow diagram illustrating aspects of a routine further illustrating the mechanism illustrated in FIG. 1 for registering a federated facet provider service with a federated graph provider service, according to one configuration disclosed herein;
FIG. 3A is a network diagram illustrating aspects of a mechanism for retrieving faces from a federated face provider service, according to one configuration disclosed herein;
FIG. 3B is a flow diagram illustrating several routines collectively illustrating additional aspects of the mechanism shown in FIG. 3B for retrieving faces from a federated face provider service, in accordance with one configuration disclosed herein;
FIG. 4A is a network diagram illustrating aspects of another mechanism for retrieving faces from a federated face provider service utilizing URI templates, according to one configuration disclosed herein;
FIG. 4B is a flow diagram illustrating several routines, collectively illustrating additional aspects of a mechanism for retrieving faces from a federated face provider service that utilizes URI templates, according to one configuration disclosed herein;
FIG. 5 is a network diagram showing a mechanism for querying facets and for obtaining information about facet providers, according to one configuration disclosed herein;
FIG. 6 is a flow diagram illustrating a routine showing additional aspects of the mechanism shown in FIG. 5 for obtaining information about an facet supplier, according to one configuration disclosed herein;
FIG. 7 is a flow diagram illustrating a routine showing additional aspects of the mechanism shown in FIG. 5 for querying a facet, according to one configuration disclosed herein;
FIG. 8 is a network diagram illustrating aspects of a mechanism for retrieving a facet from a federated facet provider service that does not utilize client-side redirection, according to one configuration disclosed herein;
FIG. 9 is a flow diagram illustrating several routines collectively illustrating additional aspects of a mechanism for retrieving faces from a federated face provider service without client-side redirection, according to one configuration disclosed herein;
FIG. 10 is a computer architecture diagram showing an illustrative computer hardware and software architecture for a computing system capable of implementing aspects of the techniques presented herein;
FIG. 11 is a computer system architecture and network diagram illustrating a distributed computing environment capable of implementing aspects of the technology presented herein; and
fig. 12 is a computer architecture diagram illustrating a computing device architecture of another computing device capable of implementing aspects of the techniques presented herein.
Detailed Description
The following detailed description is directed to techniques for extending a federated graph with third-party data and metadata. As briefly discussed above, by implementing the techniques disclosed herein, any of a large number of third-party provided "decorator" web services can be utilized to decorate data contained in an attribute map accessible through a unified web services API. Implementations of the technology disclosed herein may also allow third party "decorator" web services to be integrated with property graphs in a manner that does not compromise the security of data held by the third party. Other technical benefits may also be achieved by implementing the techniques disclosed herein.
While the subject matter described herein is presented in the general context of program modules that execute in conjunction with the execution of an operating system and application programs on a computer system, those skilled in the art will recognize that other implementations may be performed in combination with other types of program modules. Generally, program modules include routines, programs, components, data structures, and any other type of structure that performs particular tasks or implements particular abstract data types. Moreover, those skilled in the art will appreciate that the subject matter described herein may be practiced with other computer system configurations, including hand-held devices, multiprocessor systems, microprocessor-based or programmable consumer electronics, minicomputers, mainframe computers, and the like.
In the following detailed description, reference is made to the accompanying drawings, which form a part hereof, and in which is shown by way of illustration specific configurations or examples. Referring now to the drawings, in which like numerals represent like elements throughout the several views, aspects of various techniques for extending a federated graph with third-party data and metadata will be described.
FIG. 1 is a network diagram illustrating aspects of several mechanisms for registering a federated graph provider service 108 with a federated graph provider service 102, according to one configuration disclosed herein. As discussed briefly above, the federated graph provider service 102 is a network service that provides functionality for exposing a unified network service API (not shown in FIG. 1) for accessing data in the graph. For example, and without limitation, the federated graph provider service 102 may expose a web service API through which service clients (not shown in FIG. 1) may obtain data from the graph. In response to a request for data, the federated graph provider service 102 may obtain and combine data from multiple other federated data providers, such as "decorator" web services 104A-104N operated by the same entity operating the federated graph provider service 102.
The graph provided by the federated graph provider service 102 may include data about various types of resources. For example, and not by way of limitation, a graph may include data about enterprise resources, such as people and documents, as well as relationships and interactions between resources. The relationships and interactions may be represented as edges between nodes that identify various resources. For example, the edge may indicate that the user has modified the document, that the user is working with another user, that certain resources are popular with other related users, organizational structures, and/or other types of data. The various nodes and edges in the graph may be provided by first-party network services 104A-104N.
As will be described in greater detail below, the federated graph provider service 102 may also provide functionality for integrating with third-party provided "decorator" web services, such as the federated facet provider service 108. As briefly discussed above, the federated graph provider service 102 may be integrated with the federated facet provider service 108 in a manner that allows for the use of any large number of federated facet provider services 108, as well as in a manner that does not compromise the security or governance of the data held by the federated facet provider service 108. In this regard, it should be understood that although only a single federated facet provider service 108 has been illustrated in the figures, many more such services may also be utilized.
As shown in fig. 1, the federated graph provider service 108 operates in a network (e.g., a facet provider network 114) that is different from the network (e.g., graph provider network 106) in which the federated graph provider service 102 operates. Additionally, the entities operating the federated graph provider service 102 and the federated facet provider service 108 have a federated relationship, whereby the entities operating the federated graph provider service 102 may issue authentication tokens (not shown in FIG. 1) that allow access to the federated facet provider service 108. Additional details regarding this mechanism are discussed below.
As also shown in fig. 1, graph provider network 106 and facet provider network 114 are interconnected by network 132. The network 132 may be the internet or another type of data communication network. In this regard, it should be understood that more public and private networks than shown in fig. 1 may be utilized to interconnect the various components described in the disclosed configurations herein. The facets of the graph provider network 106 may be implemented with additional detail with respect to a distributed computing environment, and a facet provider network 114 is provided below with respect to FIG. 11. Additional details regarding several computing systems that may be used to implement federated graph provider service 102, federated facet provider service 108, and service clients (not shown in FIG. 1) are provided below with respect to FIGS. 10 and 12.
To enable aspects of the functionality disclosed herein, the federated facet provider 108 first registers with the federated graph provider service 102 as a provider of a particular facet for a resource in the graph. As discussed briefly above, a facet is data or metadata associated with a resource in a graph provided by the federated graph provider service 102. For example and as mentioned above, in the examples described above, where the map holds data about the user, the face may be any arbitrary information about the user identified in the map, such as the size of the user's shoes or hat. The federated facet provider service 108 can store facet data 110 (i.e., facets) in a suitable electronic data store 112.
In one particular configuration, the federated facet provider service 108 registers with the federated graph provider service 102 as a facet provider by sending a base registration request 118 to a base registration API 116 exposed by the federated graph provider service 102. The base registration API 116 may be a network service API, such as a web service API, or another type of network accessible API. The base registration request 118 includes a unique service ID 120 unique to the federated facet provider service 108 and a callback network address such as a callback URL 122 for the federated facet provider service 108. As mentioned above, this registration mechanism may be referred to herein as "basic registration.
To illustrate aspects of the functionality disclosed herein, sample scenarios may be utilized throughout this document. In a sample scenario, a company called BestBoots, Inc. ("BestBoots") wants to extend user data controlled by one of the network services 104A-104N to include a boot size for each user. In this example, BestBoots implements the federated facet provider service 108 in a suitable Internet-accessible network (i.e., facet provider network 114) configured to store facet data 110 describing various user launch sizes. In this example, the federated facet provider service 108 exposes a publicly accessible API through which boot sizes for particular users may be obtained.
In this particular example, the base registration request 118 specifies that the unique service ID 120 for the federated facet provider service 108 operated by BestBoots is "http:// BestBoots. com/v 1/BootPreferences". In this regard, it should be understood that although a unique URL is used as the unique service ID 120 in this example, other types of data unique to the syndication face provider service 108 may also be used. In this example, the base registration request 118 is also specified as a callback URL122 for https:// bestboots-preferences. This is the network address of the web service API exposed by the federated facet provider service 108 for obtaining the requested facet, which in this example is the launch size of the particular user.
When utilizing the basic registration mechanism described above, the callback URL 122 will be invoked with the location from the original resource provided by the federated graph provider service 102 as a query parameter. For example, a call to the callback URL 122 would take https:// < callback URL >? resource-is in the form of < graph resource URI >. Additional details regarding retrieving facets with locations that have performed base registrations in the manner described above will be presented below with respect to fig. 3A and 3B.
In another configuration, the federated facet provider service 108 registers with the federated graph provider service 102 as a facet provider by sending a high-level registration request 126 to a high-level registration API 128 exposed by the federated graph provider service 102. The high-level registration API 128 may also be a network service API, such as a web service API, or another type of network-accessible API. The high-level registration request 126 also includes a unique service ID 120 that is unique to the syndication face provider service 108. However, in this mechanism, the advanced registration request 126 does not include an explicit callback URL 122. Instead, the high-level registration request includes a URI template 130, such as a RFC 6750URI template. As will be discussed in more detail below, the federated graph provider service 102 may utilize the URI template 130 to parse a callback URL for use in retrieving the requested facet from the federated facet provider service 108 at query time. This registration mechanism may be referred to herein as "advanced registration".
Returning to the BestBoots example mentioned above, when the high-level registration is performed, the unique service ID 120 may be "https:// BestBoots. com/v 1/Bootreferences-Advanced". When in basic registration, the unique service ID need not be in the form of a URL and may be expressed as another type of data that uniquely identifies the federated facet provider service. In this example, the URI template 130 may be in the form of https:// bestboots-preferences. In this example, the URI template 130 will be resolved to include a "userPrinclipalName" (i.e., a username) appended to the URI as a segment. It should be appreciated that this example has been simplified, and that many other fields may be supported by the federated graph provider service 102 to establish a URI template.
In response to receiving a call to the base registration API 116, the federated graph provider service 102 stores the specified service ID 120 and callback URL 122 in an appropriate data store 124. Similarly, in response to a call to the high-level registration API 126, the federated graph provider service 102 stores the service ID 120 and the URI template 130 in the data store 124. As will be discussed in detail below, this information may be utilized at query time to redirect service clients to the appropriate federated facet provider service 108 for a particular facet. Additional details regarding both the basic and advanced registration mechanisms will be provided below with respect to fig. 2.
FIG. 2 is a flow diagram illustrating aspects of a routine further illustrating the mechanism illustrated in FIG. 1 for registering the federated graph provider service 108 with the federated graph provider service 102, according to one configuration disclosed herein. It should be appreciated that the logical operations described herein with respect to fig. 2 and other figures can be implemented (1) as a sequence of computer implemented acts or program modules running on a computing system and/or (2) as interconnected machine logic circuits or circuit modules within the computing system.
The particular implementation of the techniques disclosed herein is a matter of choice dependent on the performance and other requirements of the computing system. Accordingly, the logical operations described herein may be referred to variously as states, operations, structural devices, acts, or modules. These states, operations, structural devices, acts, and modules may be implemented in software, in firmware, in special purpose digital logic, and any combination thereof. It should be understood that more or fewer operations may be performed than shown in the figures and described herein. These operations may also be performed in a different order than those described herein.
The routine begins at operation 202, where the federated graph provider service 102 receives the request 118 at the base registration API116 or receives the request 126 at the high-level registration API 128. In response to receiving either type of registration request, the routine 200 proceeds from operation 202 to operation 204, at operation 204, the federated graph provider service 102 stores the specified unique service ID 120 in the data store 124. Next, the routine proceeds from operation 204 to operation 206.
If a basic registration has been requested, at operation 206, the federated graph provider service 102 stores the callback URL 122 for the federated facet provider service 108. If a high-level registration has been requested, at operation 208, the federated graph provider service 102 stores the specified URI template 130 in the data store 124. The federated graph provider service 102 may then return a message to the federated facet provider service 108 indicating that the registration was successfully performed at operation 210. The routine 200 then proceeds from operation 210 to operation 212, where it terminates at operation 212.
Fig. 3A is a network diagram illustrating aspects of a mechanism for retrieving facets 320 from a federated facet provider service 108 in an example in which a basic registration has been performed in the manner described above, according to one configuration disclosed herein. As discussed briefly above, once the federated facet provider service 108 has registered with the federated graph provider service 102, the federated facet provider service 108 may be used as a data provider for a particular facet.
For example, in one configuration, the federated graph provider service 102 receives a request 308 for a facet (i.e., a "facet request") from an application 304 executing on a service client 306 for the facet of a resource in the graph. As mentioned above, such a request 308 may be received via a web services API, such as a web services API (shown in fig. 3A as diagram retrieval API 302). The facet request 308 includes a unique service ID 120 that identifies a location in the resource graph (shown in FIG. 3A as graph resource location 310) and is associated with the federated facet provider service 108 that provides the requested facet.
In response to receiving the facet request 308, the federated graph provider service 102 identifies a network address of a network service API (e.g., a website service) exposed by the federated facet provider service 108 that registers with the federated graph provider service 102 to provide the facet. For example, when the basic registration mechanism described above has been utilized, the federated graph provider service 102 may use the unique ID 120 associated with the federated facet provider service 108 to retrieve a previously stored callback URL 122 for the federated facet provider service 108 from the data store 124.
The federated graph provider service 102 also obtains an authentication token 314 that can be used by the requesting service client 306 to authenticate to the federated facet provider service 108. As discussed briefly above, the federated graph provider service 102 and the federated facet provider service 108 have a federated relationship, and thus the federated graph provider service 102 is authorized to generate or otherwise obtain an authentication token 314 that a service client may use to authenticate with the federated facet provider service 108. In one particular implementation, the authentication token 314 is an OAuth 2.0 anonymous (bearer) token obtained or generated by one of the network services 104A-104N. However, other types of authentication tokens and mechanisms may be utilized in other configurations.
In one configuration, the federated graph provider service 102 provides a response to the facet request 308 received from the service client 306 (shown in FIG. 3A) that instructs the service client 306 to perform a callback URL 122 (i.e., a network address) that redirects to a network service API exposed by the federated facet provider service 108 for obtaining the requested facet. In one particular configuration, the redirect indication 312 is an HTTP/1.1302 message that causes the application 304 executing on the service client 306 to redirect its request for the facet to the federated facet provider service 108. In this example, the HTTP message includes a callback URL 122 with a specified graph resource location 310 as a query parameter. Other mechanisms may also be utilized to cause the service client 306 to redirect its request to the federated facet provider service 108.
The response to the facet request 308 also includes an authentication token 314, where the service client 306 may utilize the authentication token 314 to authenticate to the federated facet provider service 108. In turn, the service client 316 redirects the request 316 to the federated facet provider service 108 and includes the authentication token 314 provided by the federated graph provider service 102 with the request 316. The federated facet provider service 122 receives the request 316, validates the included authentication token 314, and if validated, provides the requested facet 320 to the service client 306 in reply 318. The federated facet provider service 108 may identify the requested facet 320 using the graph resource location 310 supplied with the facet request 316.
Returning to the bestbots example introduced above, to obtain a facet 320 identifying the launch size of a user with the identity jsmith @ contoso.com, the application 304 executing on the service client 306 may be to "GET/contoso.com/v 1.0/users/jsmith @ contoso.com/? HTTP requests (i.e., facet requests 308) in the form of HTTPs:// bestboots. com/V1/bootreferences HTTP/1.1 "are sent to the federated graph provider service 102. In this example, the federated graph provider service 102 is operated by a company called Contoso, Inc. (Contoso) and the graph retrieval API is located at graph.
In this example, the federated graph provider service 102 obtains a callback URL 122 for the BestBoots federated facet provider service 108 and an authentication token 314 ("abcdefg") for authenticating with the federated facet provider service 108. Next, the federated graph provider service 102 returns a response (i.e., the redirect instruction 312) to the service client 306 in the form described below.
HTTP/1.1 302 Found
Location: https://bestboots-
preferences.apigateway.serviceprovider.comorginalResourse=
graph.contoso.com/v1.0/users/jsmith@contoso.com
Authorization:Bearer abcdefg
When the service client 306 receives the redirect instruction 312 from the federated graph provider service 102, the service client uses the following HTTP GET message to redirect its request to the callback URL 122 exposed by the federated facet provider service 108:
GET https://bestboots-
preferences.apigateway.serviceprovider.comorginalResourse=
graph.contoso.com/v1.0/users/jsmith@contoso.com
HTTP/1.1
Accept:application/json
Authorization:Bearer abcdefg
The federated facet provider service 108 then utilizes the graph resource location 310 to obtain the requested facet 320 and provides the application 304 with a reply 318 in one configuration that includes the requested facet 320 in the form of:
HTTP/1.1 200 OK
Content-Type:application/json
{
“facetId”:“https://bestboots.com/v1/BootPreferences,”
“value”:[{Boot size for user jsmith@contoso.com}]
}。
when application 304 receives reply 318 that includes facet 320, application 304 may parse reply 318 to obtain facet 320. The face 320 may be utilized in a variety of ways. In this regard, it should be appreciated that the service client 306 may repeatedly utilize the mechanisms described above to obtain the facet 320 from many different federated facet provider services 108. The facets 320 obtained from the various federated facet provider services 108 may then be combined and utilized by the application 304 in various ways. Additional details regarding the retrieval mechanism illustrated in FIG. 3A will be provided below with respect to FIG. 3B.
FIG. 3B is a flow diagram illustrating several routines 350, 370, and 390 that collectively illustrate additional aspects of the mechanism illustrated in FIG. 3B for retrieving a facet 320 from a federated facet provider service 108 when the basic registration mechanism described above has been utilized; routine 350 represents operations performed by the federated facet provider service 108, routine 370 represents operations performed by the service client 306, and routine 390 represents operations performed by the federated graph provider service 102. These routines will be described together.
The routine 370 begins at operation 372, where the service client 306 sends a facet request 308 to the federated graph provider service 102. As discussed above, the facet request 308 includes the graph resource location 310 of the graph resource for which the facet is being requested, and the unique service ID 120 of the federated facet provider service 108 that provided the requested facet.
The routine 390 begins at operation 392, where the federated graph provider service 102 receives the face request 308 at the graph retrieval API 302. In response to receiving the facet request 308, the routine 390 proceeds to operation 394, where the federated graph provider service 102 utilizes the unique service ID 120 provided in the facet request 308 to determine the callback URL 122 for the federated facet provider service 108. The routine 390 then proceeds to operation 396.
At operation 396, the federated graph provider service 102 obtains the authentication token 314 for the federated facet provider service 108. As mentioned above, in one particular configuration, the federated graph provider service 102 obtains the authentication token 314 from one of the network services 104A-104N. Once the authentication token has been obtained, the routine 390 proceeds to operation 398, where the redirect instruction 312 is returned to the service client 306. As discussed above, the redirect instructions 312 cause the service client 306 to redirect to the callback URL 122 of the federated facet provider service 108 and provide the image resource location 310 as a query parameter in the facet request 316. The service client 306 also includes an authentication token 314 provided by the federated graph provider service 102 in the facet request 316. The routine 390 continues from operation 398 to operation 399 where it terminates.
At operation 374 of routine 370, service client 306 receives redirection instructions 312 from federated graph provider service 102. The routine 370 then continues to operation 376, where the service client 306 redirects to the callback URL 122 provided by the federated facet provider service 108. In particular, the service client sends a facet request 316 to the callback URL 122, which includes the graph resource location 310 from the original facet request 308 and the authentication token 314 provided by the federated graph provider service 102.
The routine 350 begins at operation 352, where the federated facet provider service 108 receives the facet request 316, which includes the authentication token 314. From operation 352, the routine 350 proceeds to operation 354, where the federated facet provider service 108 verifies the authentication token 314. If the authentication token 314 can be verified, the routine 350 proceeds from operation 354 to operation 356, where the federated facet provisioning service 108 obtains the requested facet 320 from the data store 112. As discussed above, the graph resource location 310 from the original face request 308 may be used to locate the requested face 320. The routine 350 then continues to operation 358, where the federated facet provider service 108 sends a reply 318 to the service client 306 that includes the requested facet 320. The routine 350 then proceeds from operation 358 to operation 360, where it ends at operation 360.
FIG. 4A is a network diagram illustrating aspects of another mechanism for retrieving faces 320 from a federated face provider service 108 utilizing URI templates 130 according to one configuration disclosed herein. When the high-level registration mechanism described above has been utilized, the federated graph provider service 102 can utilize the unique ID 120 associated with the federated facet provider service 108 to obtain the URI template 130 for the federated facet provider service 108. Next, the federated graph provider service 102 may parse the URI template 130 to generate a network address (e.g., callback URL 122) of a network service API (e.g., web service API) exposed by the federated facet provider service 108 for obtaining the requested facet. Additional details regarding this mechanism are provided below.
In the example shown in FIG. 4A, the facet request 308 also specifies a graph resource location 310 for the graph resource for which the facet is being requested and a unique service ID for the federated facet provider service 108. However, in this example, rather than obtaining the callback URL 122 directly for the federated facet provider service 108, the federated graph provider service 102 utilizes the unique service 102 provided in the facet request 308 to obtain the URL template 130 associated with the federated facet provider service 108. The federated graph provider service 102 may parse the URI template 130 to generate a callback URL 122 for the federated facet provider service 108. The redirect instruction 312 may then be provided in response to the face request 308 including the generated callback URL 122 and the authentication token 314, as in the mechanisms described above with respect to fig. 3A and 3B.
Referring briefly back to the bestbots example, in this example, the face request 308 would take the pair "graph. The facet is in the form of an HTTP GET request of HTTPs// bestboots. c om/v1/Boot Preferences-advanced HTTP/1.1 ". As can be seen, this exemplary HTTP request specifies a graph resource location 310, in this case the identity of the user jsmith @ contoso. com, and the unique service ID 120 of the bestbots federated facet provider service 108, in this case "HTTPs// BestBoots. com/v 1/bootreferences-advanced".
In this example, the conteoso-operated federation graph provider service 102 will identify a previously provided URI template 130 associated with the specified unique service ID 120, and parse the URI template 130 to obtain the callback URL of the BestBoots-operated federation plane provider service 108. In this implementation, the utilization of the parsed URI template as a callback URI 122 for the federated facet provider service 108 may provide a simpler URL than in the configuration of a well-defined callback URL 122. For example, using the BestBoots scenario, the federated graph provider service 102 may provide a response (i.e., redirect instructions 312) of the form:
HTTP/1.1 302 Found
Location:https://bestboots-preferences-
Advanced.apigateway.serviceprovider.com/jsmith@contoso.com
Authorization:Bearer abcdefg
In response to receiving the redirect instruction 312, the service client 306 redirects to the specified callback URL 122 using the provided authentication token 314. For example, in the BestBoots example, service client 306 generates HTTP facet request 316 to callback URL 122 of federated facet provider service 108, which in this example is HTTPs:// BestBoots-preferences-advanced. The facet request 316 also includes an authentication token 314. In response to receiving the facet request 316, the federated facet provider service 108 verifies the authentication token 314 and, if verified, returns a reply 318 with the requested facet 320 to the service client 306. In the BestBoots example, playback 318 may be formatted in the following manner:
HTTP/1.1 200 OK
Content-Type:application/json
{
“facetId”:“https://bestboots.com/v1/BootPreferences-
advanced”,
“value”:[{Boot size for user jsmith@contoso.com}]
}
FIG. 4B is a flow diagram illustrating several routines 450, 470, and 490 that collectively illustrate additional aspects of the mechanism for retrieving faces 320 from the federated face provider service 108 utilizing URI templates 130 when the above-described high-level registration mechanism is utilized. Routine 450 represents operations performed by the federated facet provider service 108, routine 470 represents operations performed by the service client 306, and routine 490 represents operations performed by the federated graph provider service 102. These routines will be described together.
The routine 470 begins at operation 472, where the service client 306 sends the facet request 308 to the federated graph provider service 102. As discussed above, the facet request 308 includes the graph resource location 310 of the graph resource for which the facet is being requested and the unique service ID 120 of the federated facet provider service 108 that provided the requested facet.
The routine 490 begins at operation 492, where the federated graph provider service 102 receives the surface request 308 at the graph retrieval API 302. In response to receiving the facet request 308, the routine 490 proceeds to operation 494, where the federated graph provider service 102 utilizes the unique service ID 120 provided in the facet request 308 to determine the previously provided URI template 130 for the federated facet provider service 108. The routine 490 then proceeds to operation 496.
At operation 496, the federated graph provider service 102 parses the URI template 130 to obtain the callback URL 122 for the federated facet provider service 108. The routine 490 then continues to operation 497, where the federated graph provider service 102 obtains the authentication token 314 for the federated facet provider service 108. As mentioned above, in one particular configuration, the federated graph provider service 102 obtains the authentication token 314 from one of the network services 104A-104N.
Once the authentication token 314 has been obtained, the routine 490 proceeds to operation 498, where the redirect instruction 312 is returned to the service client 306. As discussed above, the redirect instructions 312 cause the service client 306 to redirect to the callback URL 122 of the federated facet provider service 108, in this case the parsed URI template 130. Routine 490 continues from operation 498 to operation 499 where it ends at operation 499.
At operation 474 of routine 470, the service client 306 receives the redirect instruction 312 from the federated graph provider service 102. The routine 470 then continues to operation 476, where the service client 306 redirects to the callback URL 122 provided by the federated facet provider service 108. In particular, the service client sends a face request 316 for the callback URL 122 (i.e., the parsed URI template 130) that includes an authentication token 314 provided by the federated graph provider service 102.
The routine 450 begins at operation 452, where the federated facet provider service 108 receives the facet request 316, which includes the authentication token 314. The routine 450 proceeds from operation 452 to operation 454, where the federated facet provider service 108 verifies the authentication token 314. If the authentication token 314 can be verified, the routine 450 proceeds from operation 454 to operation 456, where the federated facet provider service 108 obtains the requested facet 320 from the data store 112. The routine 450 then continues to operation 458, where the federated facet provider service 108 sends a reply 318 to the service client 306 that includes the requested facet 320. The routine 450 then proceeds from operation 458 to operation 460, which ends at operation 460.
As briefly mentioned above, in particular implementations of the techniques disclosed herein, the federated graph provider service 102, the federated facet provider service 108, and the service client 306 may be located in different geographic locations. For example, in one particular example, the federated graph provider service 102 is located in the united states, the federated facet provider service 108 is located in germany, and the service client 306 is located in france.
In this example implementation, service client 306 may utilize the mechanisms described above to make requests 308 for sensitive data that is not allowed to leave the european union ("EU") boundary. The request 308 may be made to a federated graph provider service 102 located in the united states, but it will be redirected to a federated facet provider service 108 located in germany. Thus, in this exemplary implementation, a service client 306 located in france may retrieve data from a federated facet provider service 108 located in germany without the data leaving the EU boundary. As mentioned above, other technical benefits may be achieved from the implementation of the techniques disclosed herein.
Fig. 5 is a network diagram illustrating aspects of a mechanism for querying for facets and for obtaining information about facet providers, according to several configurations disclosed herein. In particular, in some configurations, the federated graph provider service 102 exposes a network service API 502 (e.g., a web service API) through which callers may obtain information about a particular facet. For example, the federated graph provider service 102 may receive a request for information about a facet (shown in FIG. 5 as facet information query 504) that includes the unique service ID120 of the registered federated facet provider service 108.
The federated graph provider service 102 may utilize the unique ID120 associated with the federated facet provider service 108 to obtain the requested information 506 about the facet 320 from the data store 124. The requested information 506 about the face may then be returned in response to a query for the information 504. The information 506 about the facet may include, but is not limited to, the unique service ID120 associated with the federated facet provider service 108, a name of an entity running the federated facet provider service 108, a textual description of the facet, and/or details about the authentication token 314 used to authenticate the federated facet provider service 108. In the example of bestbots provided above, the HTTP request to execute facet information query 504 may be formatted as follows:
GET
/contoso.com/v1.0/?$facet=https://bestboots.com/v1/BootPreferences
Accept:application/json
The facet information 506 provided in response to such a query 504 may be formatted as follows:
in some configurations, the federated graph provider service 102 exposes a network service API (e.g., a web service API) through which callers may obtain data identifying particular facets associated with resources in the graph. For example, and without limitation, a request for such an API (shown as facet query API 508 in FIG. 5) may provide a graph resource location 310 for a resource in a graph. In response to such a request, federated graph provider service 102 may identify facets 320 associated with the identified resources and provide information 512 about the facets in a reply to query 510.
The facet information 512 may include, for example, a unique service ID 120 associated with each facet, data identifying the entity operating the associated federated facet provider service 108, a textual description of the facet, a callback URL 122 for the associated federated facet provider service 108, and/or details about the authentication token used to validate the federated facet provider service 108. In the bestbots example provided above, an HTTP request for facet information 512 for a user (i.e., jsmith @ contoso. com) may be formatted as follows:
GET/contoso.com/v1.0/users/jsmith@contoso.com/$facets
HTTP/1.1
Accept:application/json
The facet information 512 provided in the query 510 for this may be formatted as follows:
it should be appreciated that in one particular configuration, the surface information 512 may be filtered through an appropriately formatted HTTP GET request. For example, in the example of bestbots, an HTTP GET may be formatted to restrict facet information 512 to facets provided by bestbots as "GET HTTPs:// graph. contoso.com/v1.0/users/jsmith @ contoso.com/$ facetsfilter $ facetP provider eq. Other types of filtering and sorting may also be applied to facet information 512 returned by the call to facet query API 508.
FIG. 6 is a flow diagram illustrating a routine 600 showing additional aspects of the mechanism shown in FIG. 5 for obtaining information about an facet supplier, according to one configuration disclosed herein. The routine 600 begins at operation 602, where the federated graph provider service 102 receives a facet information query 504 that includes a unique service ID 122 for the federated facet provider service 108. In response to receiving such a request, the routine 600 proceeds from operation 602 to operation 604.
At operation 604, the federated graph provider service 102 retrieves the facet information 506 for the facet provider associated with the provided unique service ID 120. The routine 600 then continues from operation 604 to operation 606, where the federated graph provider service 102 returns face information 506 in the reply to the face information query 504. As discussed above, the facet information 506 may include, but is not limited to, the unique service ID 120 associated with the federated facet provider service 108, the name of the entity operating the federated facet provider service 108, a textual description of the facet, and/or details about the authentication token 314 used to authenticate with the federated facet provider service 108. Next, the routine 600 proceeds from operation 606 to operation 608, where it ends at operation 608.
FIG. 7 is a flow diagram illustrating a routine 700 showing additional aspects of the mechanism shown in FIG. 5 for querying against a surface, according to one configuration disclosed herein. The routine 700 begins at operation 702, where the federated graph provider service 102 receives a facet query 510 specifying a graph resource location 310 for a resource in a graph. The routine 700 then continues from operation 702 to operation 704, where the federated graph provider service 102 determines the facets and/or facet providers that apply to the specified resources. Next, the routine 700 proceeds from operation 704 to operation 706.
At operation 706, the federated graph provider service 102 filters, sorts, or otherwise applies the requested operations to the facet information 506 for the resources identified in the graph. The routine 700 then proceeds from operation 706 to operation 708, where the federated graph provider service 102 returns facet information 512 for the identified graph resource in a reply to the facet query 310. As discussed above, the facet information 512 may include, but is not limited to, a unique service ID 120 associated with each facet 320, data identifying the entity operating the associated federated facet provider service 108, a textual description of the facet, a callback URL 122 for the associated federated facet provider service 108, and/or information about an authentication token for authenticating the federated facet provider service 102. The routine 700 then proceeds from operation 708 to operation 710, where it ends at operation 710.
Fig. 8 is a network diagram illustrating aspects of a mechanism for retrieving facets 320 from a federated facet provider service 108 that does not utilize client-side redirection, according to one configuration disclosed herein. As shown in fig. 8, the federated graph provider service 102 may receive a graph resource location 310 specifying the resources in the graph and a facet request 308 for the unique service ID 120 of the federated facet provider service 108. The federated graph provider service 102 then uses the URI template 130 to obtain the callback URL 122, either directly or in the manner described above.
However, in this configuration, the federated graph provider service 102 utilizes the callback URL 122 and the authentication token 314 of the federated facet provider service 108 to obtain the requested facet 320 directly from the federated facet provider service 108 itself. For example, and as shown in fig. 8, the federated graph provider service 102 may send a facet request 316 to the callback URL 122 that includes the authentication token 314.
In response to receiving the facet request 316, the federated facet provider service 108 verifies the authentication token 314 and, if verified, retrieves the requested facet 320 from the data store 112 and returns a reply 318 to the federated graph provider service 102 that includes the facet 320. Next, the federated graph provider service 102 returns a response 802 to the service client that includes the facet 320. In this configuration, no redirection of the service client 306 to the federated facet provider service 108 is required, thereby enabling the retrieval of the requested facet 320 to be performed more quickly. Additionally, in this configuration, the federated graph provider service 102 may also provide, in response to such a request 308, other information 804 associated with graph resources obtained from the federated network services 104A-104N. Additional details regarding this mechanism will be provided below with respect to fig. 9.
FIG. 9 is a flow diagram illustrating several routines 950, 960, and 970, which collectively illustrate additional aspects of a mechanism for retrieving a facet 320 from a federated facet provider service 108 without redirecting a service client 306, according to one configuration disclosed herein. Routine 950 represents operations performed by the service client 306, routine 970 represents operations performed by the federated graph provider service 102, and routine 990 represents operations performed by the federated facet provider service 108. These routines will be described together.
The routine 950 begins at operation 952, where the service client 306 sends a facet request 308 to the federated graph provider service 102. The routine 970 begins at operation 972, where the federated graph provider service 102 receives the face request 308. The routine 970 then continues to operation 974, where the federated graph provider service 102 determines the callback URL 122 for the federated facet provider service 108. As discussed above, the callback URL 122 may be explicitly provided or determined using a URI template 130 associated with the federated facet provider service 108.
The routine 970 proceeds from operation 974 to operation 976, where the federated graph provider service 102 sends the facet request 316, including the authentication token 314, to the callback URL 122 of the federated facet provider service 108. The routine 990 begins at operation 992, where the federated facet provider service 108 receives the facet request 316 that includes the authentication token 314. Next, the routine 990 proceeds from operation 992 to operation 994.
At operation 994, the federated facet provider service 108 verifies the authentication token 314. If the authentication token 314 can be verified, the routine 990 proceeds from operation 994 to operation 996, where the federated facet provider service 108 obtains the requested facet 320 from the data store 112. The routine 990 then proceeds to operation 998, where the federated facet provider service 108 sends a reply 318 to the federated graph provider service 102 that includes the requested facet 320. Next, the routine 990 proceeds from operation 998 to operation 999, where it ends at operation 999.
The federated graph provider service 102 receives the reply 318 with the requested facet 320 at operation 978 of the routine 970. The routine 970 then continues from operation 978 to operation 980, where the federated graph provider service 102 retrieves the other graph resource information 804 from the other network services 104A-104N, if requested. The routine 970 then continues to operation 982, where the federated graph provider service 102 sends the response 802, including the facet 304 and other graph resource information 804, to the service client 306 if requested. The routine 970 then proceeds from operation 982 to operation 984, which ends at operation 984.
At operation 954 of routine 950, service client 306 receives response 802, which includes facet 320 and any other graph resource information 804. Then, the routine 950 proceeds from operation 954 to operation 956, which ends at operation 956.
It should be appreciated that the application 304 executing on the service client 306, the federated graph provider service 102, the federated facet provider service 108, and other software components described above may be implemented using or in conjunction with: binary executables, dynamic link libraries ("DLLs"), APIs, web services, script files, interpreted program code, software containers, object files, bytecode suitable for just-in-time compilation, and/or other types of program code capable of being executed by a processor to perform the operations described herein with respect to fig. 1-9.
FIG. 10 is a computer architecture diagram illustrating the architecture of a computer 1000 capable of implementing aspects of the technology presented herein. The architecture shown in fig. 10 is an architecture for a server computer, a mobile phone, an e-reader, a smart phone, a desktop computer, a notebook computer, a tablet computer, a laptop computer, or another type of computing device suitable for executing the software components presented herein.
In this regard, it should be understood that the computer 1000 illustrated in fig. 10 may be used to implement a computing device capable of executing any of the software components presented herein. For example, and without limitation, the computing architecture described with respect to the computer 1000 may be used to implement a server computer in a graph provider network 106 for executing a federated graph provider service 102, a server computer in an facet provider network 114 for executing a federated facet provider service 108, a service client 306 for executing an application 304, and/or other types of computing systems for executing any of the other software components described above.
The computer 1000 shown in FIG. 10 includes a central processing unit 1002 ("CPU"), a system memory 1004, including a random access memory 1006 ("RAM") and a read-only memory ("ROM") 1008, and a system bus 1010 that couples the memory 1004 to the CPU 1002. A basic input/output system containing the basic routines that help to transfer information between elements within the computer 1000, such as during start-up, is stored in the ROM 1008. The computer 1000 also includes a mass storage device 1012 for storing an operating system 1014 and one or more programs, including but not limited to a federated graph provider service 102, a federated facet provider service 108, or an application 304, depending on the use of the computer 1000. The mass storage device 1012 may also be configured to store other types of programs and data not specifically shown in FIG. 10.
The mass storage device 1012 is connected to the CPU 1002 through a mass storage controller (not shown) connected to the bus 1010. The mass storage device 1012 and its associated computer-readable media provide non-volatile storage for the computer 1000. Although the description of computer-readable media contained herein refers to a mass storage device, such as a hard disk, CD-ROM drive, DVD-ROM drive, or USB memory key, it should be appreciated by those skilled in the art that computer-readable media can be any available computer storage media or communication media that can be accessed by the computer 1000.
Communication media includes computer readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any delivery media. The term "modulated data signal" means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media. Combinations of any of the above should also be included within the scope of computer readable media.
By way of example, and not limitation, computer storage media may include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer readable instructions, data structures, program modules, or other data. For example, computer media includes, but is not limited to, RAM, ROM, EPROM, EEPROM, flash memory or other solid state memory technology, CD-ROM, digital versatile disks ("DVD"), HD-DVD, BLU-RAY, or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by the computer 1000. For the purposes of the claims, the phrase "computer storage medium" and variations thereof does not include the wave or signal itself or the communication medium itself.
According to various configurations, the computer 1000 may operate in a networked environment using logical connections to remote computers through a network such as the network 1018. The computer 1000 may connect to the network 1018 through a network interface unit 1020 connected to the bus 1010. It should be appreciated that the network interface unit 1020 may also be utilized to connect to other types of networks and remote computer systems. The computer 1000 may also include an input/output controller 1016 for receiving and processing input from a number of other devices, including a keyboard, mouse, electronic stylus (not shown in FIG. 10). Similarly, an input/output controller 1016 may provide output to a display screen, a printer, or other type of output device (also not shown in FIG. 10).
It should be appreciated that the software components described herein, such as the federated graph provider service 102, the federated facet provider service 108, and the applications 304, when loaded into the CPU 1002 and executed, may transform the CPU 1002 and the overall computer 1000 from a general-purpose computing system into a special-purpose computing system customized to facilitate implementing the functionality presented herein. The CPU 1002 may be constructed from any number of transistors or other discrete circuit elements, which may individually or collectively assume any number of states. More specifically, the CPU 1002 may operate as a finite state machine in response to executable instructions contained in software modules disclosed herein, such as the application 304. These computer-executable instructions may transform the CPU 1002 by specifying how the CPU transitions between states, thereby transforming the transistors or other discrete hardware elements that make up the CPU 1002.
Encoding software modules (e.g., applications 304) presented herein may also transform the physical structure of computer-readable media presented herein. The specific transformation of physical structure depends on various factors, in different implementations of this description. Examples of such factors include, but are not limited to, the technology used to implement the computer-readable media, whether characterized as main memory or secondary memory, and the like. For example, if the computer-readable medium is implemented as semiconductor-based memory, the software disclosed herein may be encoded on the computer-readable medium by transforming the physical state of the semiconductor memory. For example, software may transform the state of transistors, capacitors, or other discrete circuit elements that make up a semiconductor memory. Software may also transform the physical state of such components to store data thereon.
As another example, the computer-readable media disclosed herein may be implemented using magnetic or optical technology. In such implementations, the software components presented herein may transform the physical state of magnetic or optical media when the software is encoded therein. These transformations may include alerting the magnetic properties of particular locations in a given magnetic medium. These transformations may also include alerting physical features or characteristics of particular locations in a given optical medium to change the optical characteristics of those locations. Other transformations of physical media are possible without departing from the scope of the present specification, with the foregoing examples provided only to facilitate this discussion.
From the foregoing, it should be appreciated that many types of physical transformations may occur in the computer 1000 to store and execute the components presented herein. It should also be appreciated that the architecture of the computer 1000 illustrated in FIG. 10, or a similar architecture, may be used to implement other types of computing devices, including handheld computers, embedded computing systems, mobile devices such as smart phones or tablets, and other types of computing devices known to those skilled in the art. It is also contemplated that computer 1000 may not include all of the components shown in fig. 10, may include other components not explicitly shown in fig. 10, or may utilize an entirely different architecture than that shown in fig. 10.
FIG. 11 shows aspects of an illustrative distributed computing environment 1102 in which software components described herein may execute. Thus, the distributed computing environment 1102 shown in fig. 11 may be used to execute any of the program code and/or other software components described herein that are capable of providing the functionality described herein with respect to fig. 1-9, such as the federated graph provider service 102, the federated facet provider service 108, and the applications 304. For example, and without limitation, distributed computing environment 1102 may be used to implement graph provider network 106 and/or facet provider network 114.
According to various implementations, the distributed computing environment 1102 operates on the network 1103, is in communication with the network 1103, or is part of the network 1103. One or more client devices 1106A-1106N (hereinafter collectively and/or generically referred to as "clients 1106") may communicate with distributed computing environment 1102 via a network 1103 and/or other connection (not shown in fig. 11).
In the illustrated configuration, the client 1106 includes: a computing device 1106A such as a laptop computer, desktop computer, or other computing device; "slate" or tablet computing device ("tablet computing device") 1106B; a mobile computing device 1106C such as a mobile phone, smart phone, or other mobile computing device; server computer 1106D; and/or other devices 1106N. It should be appreciated that any number of clients 1106 may communicate with the distributed computing environment 1102. Two exemplary computing architectures for the client 1106 are shown and described herein with reference to fig. 10 and 11. It should be understood that the client 1106 shown herein and the computer architecture shown and described herein are illustrative and should not be construed as being limiting in any way.
In the illustrated configuration, distributed computing environment 1102 includes an application server 1104, a data store 1110, and one or more network interfaces 1112. According to various implementations, the functionality of the application server 1104 may be provided by one or more server computers executing as part of the network 1103 or in communication with the network 1103. The application servers 1104 can host various services, virtual machines, ports, and/or other resources, such as the federated graph provider service 102 and the federated facet provider service 108 described above. In the illustrated configuration, the application server 1104 hosts one or more virtual machines for hosting applications or network services, such as the federated graph provider service 102, the federated facet provider service 108, or other types of applications and/or services. According to various implementations, virtual machine 1114 hosts one or more applications and/or software modules, such as application 304. It should be understood that this configuration is illustrative, and should not be construed as being limiting in any way. Application server 1104 may also host or provide access to one or more of web ports, link pages, websites, and/or other information ("web ports") 1116.
According to various implementations, the application server 1104 also includes one or more mailbox services 1118 and one or more messaging services 1120. Mailbox service 1118 may include an electronic mail ("email") service. Mailbox services 1118 may also include various personal information management ("PIM") services including, but not limited to, calendar services, contact management services, collaboration services, or/and other services. Messaging services 1120 may include, but are not limited to, instant messaging ("IM") services, chat services, forum services, and/or other communication services.
The application server 1104 may also include one or more social networking services 1122. Social networking service 1122 may provide various types of social networking services, including but not limited to services for sharing or posting status updates, instant messages, links, photos, videos, and/or other information, services for commenting or displaying articles, products, blogs, or other resources of interest, and/or other services. In some configurations, the social networking service 1122 is provided by or includes a FACEBOOK social networking service, a LINKEDIN professional networking service, a MYSPACE social networking service, a FOURSQARE geographic networking service, a YAMMER office colleague networking service, or the like. In other configurations, the social networking service 1122 is provided by other services, sites, and/or providers, which may be referred to as "social networking providers. For example, some websites allow users to interact with each other during various activities and/or contexts via email, chat services, and/or other means, such as reading published papers, commenting on goods or services, publishing, collaboration, gaming, and the like. Other services are possible and contemplated.
As also shown in fig. 11, application server 1104 can also host other services, applications, ports, and/or other resources ("other services") 1124. Other services 1124 may include, but are not limited to, any of the network services 104A-104N, and/or other software components described herein. Thus, it should be understood that distributed computing environment 1102 may provide integration of the techniques disclosed herein with various mailboxes, messaging, social networks, productivity, conversions, and/or other types of services or resources.
As mentioned above, the distributed computing environment 1102 may include a data store 1110. According to various implementations, the functionality of data store 1110 is provided by one or more databases operating on network 1103 or in communication with network 1103. The functionality of the data store 1110 can also be provided by one or more server computers configured to host data of the distributed computing environment 1102. The data store 1110 can include, host, or provide one or more actual or virtual data stores 1126A-1126N (hereinafter collectively and/or generically referred to as "data store 1126"). Data store 1126 is configured to host data used or created by application server 1104 and/or other data.
Distributed computing environment 1102 may be in communication with or accessible by network interface 1112. Network interface 1112 may include various types of network hardware and software for supporting communication between two or more computing devices, including but not limited to client 1106 and application server 1104. It should be appreciated that the network interface 1112 may also be utilized to connect to other types of networks and/or computer systems.
It should be appreciated that the distributed computing environment 1102 described herein may implement any aspect of the software elements described herein using any number of virtual computing resources and/or may be configured to execute any aspect of the software components disclosed herein. According to various implementations of the techniques disclosed herein, the distributed computing environment 1102 will provide some or all of the software functionality described herein as serving clients 1106. It should be understood that client 1106 may also include a real or virtual machine including, but not limited to, a server computer, web server, personal computer, mobile computing device, smart phone, and/or other device. Thus, various implementations of the technology disclosed herein enable any device to be configured to access the distributed computing environment 1102 to utilize the functionality described herein.
Turning now to fig. 12, a computing device architecture 1200 for a computing device capable of implementing the various software components described herein will be described. The computing device architecture 1200 is suitable for computing devices that facilitate mobile computing due in part to form factor, wireless connectivity, and/or battery powered operation. In some configurations, the computing device includes, but is not limited to, a mobile phone, a tablet device, a portable video game device, and the like.
The computing device architecture 1200 is also applicable to any of the clients 1106 shown in FIG. 11. Moreover, aspects of the computing device architecture 1200 are applicable to traditional desktop computers, portable computers (e.g., laptop computers, notebooks, ultra-portable computers, and netbooks), server computers, and other computing systems such as those described herein with reference to fig. 12. For example, the single-touch and multi-touch aspects disclosed below may be applied to a desktop computer that utilizes a touch screen or some other device with touch functionality, such as a track pad with touch functionality or a mouse with touch functionality. The computing device architecture 1200 may also be used to implement the service client 306 for executing the applications 304, and/or other types of computing devices for implementing or consuming the functionality described herein.
The computing device architecture 1200 shown in fig. 12 includes a processor 1202, a storage component 1204, a network connectivity component 1206, a sensor component 1208, an input/output component 1210, and a power component 1212. In the illustrated configuration, the processor 1202 communicates with a storage component 1204, a network connectivity component 1206, sensors 1208, input/output ("I/O") components 1210, and a power component 1212. Although connections are not shown between the individual components shown in fig. 12, these components may be electrically connected in order to interact and perform device functions. In some configurations, the components are arranged to communicate via one or more buses (not shown).
The processor 1202 includes one or more central processing unit ("CPU") cores configured to process data, execute computer-executable instructions of one or more application programs (e.g., application 304), and communicate with other components of the computing device architecture 1200 in order to perform aspects of the functionality described herein. The processor 1202 may be used to execute aspects of the software components presented herein, and in particular, those that utilize, at least in part, touch-enabled input.
In some configurations, the processor 1202 includes a graphics processing unit ("GPU") configured to accelerate operations performed by the CPU, including, but not limited to, operations performed by executing general purpose scientific and engineering computing applications, as well as graphics intensive computing applications such as high resolution video (e.g., 720P, 1080P, 4K, and greater), video games, 3D modeling applications, and the like. In some configurations, the processor 1202 is configured to communicate with a discrete GPU (not shown). In any case, the CPU and GPU may be configured according to a co-processing CPU/GPU computing model, where the sequential and compute-intensive portions of the application executing on the CPU are accelerated by the GPU.
In some configurations, the processor 1202 is or is included in a system-on-chip ("SoC") with one or more of the other components described herein below. For example, the SoC may include the processor 1202, the GPU, one or more of the network connectivity components 1206, and one or more of the sensor components 1208. In some configurations, the processor 1202 is fabricated, in part, using package-on-package ("PoP") integrated circuit packaging techniques. Further, processor 1202 may be a single-core or multi-core processor.
The processor 1202 may be created according to the ARM architecture, which may be licensed from ARM international corporation of cambridge, england. Alternatively, the processor 1202 may be created according to the x86 architecture, such as available from Intel corporation and others of Mountain View, Calif. In some configurations, the processor 1202 is a snap drgon SoC available from the high-traffic corporation of San Diego, California, a TEGRA SoC available from NVIDIA, Santa Clara, California, a hummmingbird SoC available from samsung, seoul, an open multimedia application platform ("OMAP") SoC available from Texas instruments, Dallas, Texas, a custom version of any of the above, or a dedicated SoC.
The memory components 1204 include RAM 1214, ROM 1216, integrated storage memory ("integrated storage") 1218, and removable storage memory ("removable storage") 1220. In some configurations, the RAM 1214 or portions thereof, the ROM 1216 or portions thereof, and/or some combination of the RAM 1214 and ROM 1216 are integrated in the processor 1202. In some configurations, the ROM 1216 is configured to store firmware, an operating system or portion thereof (e.g., an operating system kernel), and/or a boot loader for loading the operating system kernel from the integrated storage 1218 or the removable storage 1220.
The integrated storage 1218 may include solid state memory, a hard disk, or a combination of solid state memory and a hard disk. The integrated storage 1218 may be soldered or otherwise connected to a logic board to which the processor 1202 and other components described herein are also connected. Thus, the integrated storage 1218 is integrated into a computing device. Integrated storage 1218 may be configured to store an operating system or portions thereof, applications, data, and other software components described herein.
The removable storage 1220 may include solid state memory, a hard disk, or a combination of solid state memory and a hard disk. In some configurations, removable storage 1220 is provided in place of integrated storage 1218. In other configurations, removable storage 1220 is provided as additional optional storage. In some configurations, the removable storage 1220 is logically integrated with the integrated storage 1218 such that the entire available storage is available and shown to the user as the entire combined capacity of the integrated storage 1218 and the removable storage 1220.
The removable storage 1220 is configured to be inserted into a removable storage memory slot (not shown) or other mechanism by which the removable storage 1220 is inserted and secured to facilitate a connection over which the removable storage 1220 may communicate with other components of the computing device, such as the processor 1202. Removable storage 1220 may be implemented in a variety of memory card formats, including, but not limited to, PC card, compactflash card, memory stick, secure digital ("SD"), mini SD, micro SD, universal integrated circuit card ("UICC") (e.g., subscriber identity module ("SIM") or universal SIM ("USIM")), proprietary formats, and the like.
It is to be appreciated that one or more of the storage components 1204 can store an operating system. According to various configurations, the operating system includes, but is not limited to, WINDOWS MOBILE OS, WINDOWS PHONE OS, or WINDOWS OS from MICROSOFT CORPORATION, BLACKBERRY OS from dynamic research, Inc. of Waterloo, Ontario, Canada, IOS from apple, Inc. of Cupertino, California, and ANDROID OS from Google, Inc. of Mountain View, California. Other operating systems are contemplated.
The network connectivity components 1206 include a wireless wide area network component ("WWAN component") 1222, a wireless local area network component ("WLAN component") 1224, and a wireless personal area network component ("WPAN component") 1226. The network connectivity component 1206 facilitates communication to and from a network 1228, which can be a WWAN, WLAN, or WPAN. Although a single network 1228 is shown, the network connectivity component 1206 may facilitate simultaneous communication with multiple networks. For example, the network connectivity component 1206 can facilitate communicating with multiple networks simultaneously via one or more of a WWAN, WLAN, or WPAN.
The network 1228 can be a WWAN, such as a mobile telecommunications network that utilizes one or more mobile telecommunications technologies to provide voice and/or data services to a computing device utilizing the computing device architecture 1200 via a WWAN component 1222. Mobile telecommunications technologies may include, but are not limited to, global system for mobile communications ("GSM"), code division multiple access ("CDMA") ONE, CDMA 2000, universal mobile telecommunications system ("UMTS"), long term evolution ("LTE"), and worldwide interoperability for microwave access ("WiMAX").
In addition, network 1228 may utilize various channel access methods (which may or may not be used with the aforementioned standards), including, but not limited to, time division multiple access ("TDMA"), frequency division multiple access ("FDMA"), CDMA, wideband CDMA ("W-CDMA"), orthogonal frequency division multiplexing ("OFDM"), space division multiple access ("SDMA"), and so forth. General packet radio service ("GPRS"), enhanced data rates for global evolution ("EDGE"), a family of high speed packet access ("HSPA") protocols including high speed downlink packet access ("HSDPA"), enhanced uplink ("EUL") or otherwise known as high speed uplink packet access ("HSUPA"), evolved HSPA ("HSPA +"), LTE, and various other current and future wireless data access standards may be used. The network 1228 may be configured to provide voice and/or data communications using any combination of the techniques described above. The network 1228 may be configured or adapted to provide voice and/or data communications in accordance with progeny techniques.
In some configurations, the WWAN component 1222 is configured to provide dual-multi-mode connectivity to the network 1228. For example, the WWAN component 1222 may be configured to provide connectivity to a network 1228, wherein the network 1228 provides services via GSM or UMTS technology, or via some other combination of technologies. Alternatively, multiple WWAN components 1222 may be used to perform such functions and/or provide additional functions for supporting other non-compatible technologies (i.e., not capable of being supported by a single WWAN component). The WWAN component 1222 can facilitate similar connectivity to multiple networks (e.g., UMTS networks and LTE networks).
The network 1228 may be a WPAN that operates according to infrared data communication ("IrDA"), bluetooth, wireless universal serial bus ("USB"), Z-wave, ZIGBEE, or some other short-range wireless technology. In some configurations, the WPAN component 1226 is configured to facilitate communication with other devices, such as peripherals, computers, or other computing devices, via the WPAN.
The sensor assembly 1208 includes a magnetometer 1230, an ambient light sensor 1232, a proximity sensor 1234, an accelerometer 1236, a gyroscope 1238, and a global positioning system sensor ("GPS sensor") 1240. It is contemplated that other sensors, such as, but not limited to, temperature sensors or impact detection sensors, may also be incorporated into the computing device architecture 1200.
Magnetometer 1230 is configured to measure the strength and direction of a magnetic field. In some configurations, the magnetometer 1230 provides measurements to a compass application stored within one of the memory components 1204 to provide the user with an accurate direction in a frame of reference that contains the cardinal directions north, south, east, and west. Similar measurements may be provided to a navigation application that includes a guide needle assembly. Other uses of the measurements obtained by the magnetometer 1230 are contemplated.
The ambient light sensor 1232 is configured to measure ambient light. In some configurations, the ambient light sensor 1232 provides measurements to an application (e.g., application 304) stored within one of the memory components 1204 to automatically adjust the brightness of the display (described below) to compensate for low and high brightness environments. Other uses of the measurements obtained by ambient light sensor 1232 are contemplated.
The proximity sensor 1234 is configured to detect the presence of an object or thing in proximity to the computing device without direct contact. In some configurations, the proximity sensor 1234 detects the presence of a user's body (e.g., the user's face) and provides that information to an application stored within one of the storage components 1204, which utilizes the proximity information to enable or disable certain functionality of the computing device. For example, the phone application may automatically disable a touch screen (described below) in response to receiving the proximity information so that the user's face does not inadvertently terminate the phone or enable/disable other functions within the phone application during the call. Other uses of proximity as detected by the proximity sensor 1234 are contemplated.
The accelerometer 1236 is configured to measure suitable acceleration. In some configurations, the output from accelerometer 1236 is used by an application as an input mechanism to control some function of the application. In some configurations, the output from accelerometer 1236 is provided to an application for use in switching between landscape and portrait modes, calculating coordinated acceleration, or detecting a fall. Other uses for accelerometer 1236 are contemplated.
The gyroscope 1238 is configured to measure and maintain the direction. In some configurations, the output from gyroscope 1238 is used by an application as an input mechanism to control some function of the application. For example, gyroscope 1238 may be used to accurately identify motion within the 3D environment of a video game application or some other application. In some configurations, the application utilizes the output from gyroscope 1238 and accelerometer 1236 to enhance control of some function of application 304. Other uses for gyroscope 1238 are contemplated.
The GPS sensor 1240 is configured to receive signals from GPS satellites for use in calculating a position. The location calculated by the GPS sensor 1240 may be used by any application that requires or benefits from location information. For example, the location calculated by the GPS sensor 1240 may be used with a navigation application to provide directions from the location to the destination or directions from the destination to the location. In addition, the GPS sensor 1240 may be used to provide location information to external location-based services, such as E911 services. The GPS sensor 1240 may obtain location information generated via WI-FI, WIMAX, and/or cellular triangulation techniques that use one or more network connectivity components 1206 to assist the GPS sensor 1240 in obtaining a position fix. The GPS sensor 1240 may also be used in an assisted GPS ("A-GPS") system.
The I/O components 1210 include a display 1242, a touch screen 1244, data I/O interface components ("data I/O") 1246, audio I/O interface components ("audio I/O") 1248, video I/O interface components ("video I/O") 1250, and a camera 1252. In some configurations, the display 1242 and touch screen 1244 are combined. In some configurations, two or more of data I/O component 1246, audio component 1248, and video I/O component 1250 are combined. The I/O component 1210 may include a discrete processor configured to support the various interfaces described below, or may include processing functionality built into the processor 1202.
The touch screen 1244 is an input device configured to detect the presence and location of a touch. Touch screen 1244 can be a resistive touch screen, a capacitive touch screen, a surface acoustic wave touch screen, an infrared touch screen, an optical imaging touch screen, a dispersive signal touch screen, a voice pulse recognition touch screen, or can utilize any other touch screen technology. In some configurations, a touch screen 1244 is incorporated on top of the display 1242 as a transparent layer to enable a user to interact with objects or other information presented on the display 1242 using one or more touches. In other configurations, the touch screen 1244 is a touchpad incorporated onto a surface of a computing device that does not include the display 1242. For example, a computing device may have a touch screen incorporated on top of display 1242 and a touch pad on a surface opposite display 1242.
In some configurations, the touch screen 1244 is a single point touch screen. In other implementations, the touch screen 1244 is a multi-touch screen. In some configurations, the touch screen 1244 is configured to detect discrete touches, single touch gestures, and/or multi-touch gestures. For convenience, these are referred to herein collectively as "gestures". Several gestures will now be described. It should be understood that these gestures are illustrative and are not intended to limit the scope of the appended claims. Further, the described gestures, additional gestures, and/or alternative gestures may be implemented in software for use with the touchscreen 1244. Thus, a developer may create gestures that are specific to a particular application.
In some configurations, the touch screen 1244 supports a tap gesture in which a user taps the touch screen 1244 once on an item presented by the display 1242. The tap gesture may be used for a variety of reasons, including but not limited to opening or initiating anything tapped by the user, such as a graphical icon representing the application 304. In some configurations, the touch screen 1244 supports a double tap gesture in which a user taps the touch screen 1244 twice on an item displayed on the display 1242. The double tap gesture may be used for various reasons including, but not limited to, zooming in or out in stages. In some configurations, the touch screen 1244 supports a tap and hold gesture in which a user taps the touch screen 1244 and maintains contact for at least a predefined time. The tap-and-hold gesture may be used for various reasons including, but not limited to, opening a context-specific menu.
In some configurations, the touch screen 124 supports a panning gesture in which a user places a finger on the touch screen 1244 and maintains contact with the touch screen 1244 while moving the finger on the touch screen 1244. The pan gesture may be used for a variety of reasons including, but not limited to, moving through a screen, image, or menu at a controlled speed. Multiple finger translation gestures are also contemplated. In some configurations, the touchscreen 1244 supports a swipe gesture in which the user slides a finger in a direction in which the user wants the screen to move. The swipe gesture may be used for a variety of reasons, including, but not limited to, scrolling horizontally or vertically through a menu or page. In some configurations, the touch screen 1244 supports squeeze and extend gestures in which a user makes a squeeze action with two fingers (e.g., thumb and forefinger) or moves the two fingers apart on the touch screen 1244. The pinch and stretch gestures may be used for a variety of reasons including, but not limited to, progressively zooming in or out of a website, map, or picture.
While the gestures described above have been presented with reference to the use of one or more fingers for performing the gestures, other accessories such as toes or objects such as a stylus may be used to interact with the touch screen 1244. Thus, the above gestures should be understood to be illustrative, and should not be construed as being limiting in any way.
The data I/O interface component 1246 is configured to facilitate input and output of data to and from a computing device. In some configurations, the data I/O interface component 1246 includes a connector configured to provide wired connectivity between the computing device and the technical system, e.g., for purposes of synchronous operation. The connector may be a proprietary connector or a standardized connector such as USB, micro-USB, mini-USB, USB-C, etc. In some configurations, the connector is a dock connector for interfacing the computing device with another device, such as a docking station, an audio device (e.g., a digital music player), a video device, and so forth.
The audio I/O interface component 1248 is configured to provide audio input and/or output functionality to the computing device. In some implementations, the audio I/O interface component 1246 includes a microphone configured to collect audio signals. In some implementations, the audio I/O interface component 1248 includes a headphone jack configured to provide connectivity to headphones or other external speakers. In some configurations, the audio interface component 1248 includes a speaker for outputting audio signals. In some configurations, the audio I/O interface component 1248 includes an optical audio cable output.
The video I/O interface component 1250 is configured to provide video input and/or output capabilities to the computing device. In some configurations, video I/O interface component 1250 includes a video connector that is configured to receive video as input from another device (e.g., a video media player such as a DVD or bluetooth player) or to transmit video as output to another device (e.g., a monitor, a television, or some other external display). In some configurations, the video I/O interface component 1250 includes a high-resolution multimedia interface ("HDMI"), mini-HDMI, micro-HDMI, DisplayPort, or a dedicated connector for inputting/outputting video content. In some configurations, the video I/O interface component or portions thereof are combined with the audio I/O interface component 1248 or portions thereof.
The camera 1252 may be configured to capture still images and/or video. The camera 1252 may capture an image using a charge coupled device ("CCD") or a complementary metal oxide semiconductor ("CMOS") image sensor. In some configurations, camera 1252 includes a flash to assist in taking pictures in low light environments. The settings for the camera 1252 may be implemented as hardware or software buttons.
Although not shown, one or more hardware buttons may also be included in the computing device architecture 1200. Hardware buttons may be used to control certain operational aspects of a computing device. The hardware buttons may be dedicated buttons or multi-purpose buttons. The hardware buttons may be mechanical or sensor-based.
The illustrated power supply assembly 1212 includes one or more batteries 1254, which may be connected to a battery fuel gauge 1256. The battery 1254 may be rechargeable or disposable. Rechargeable battery types include, but are not limited to, lithium polymer, lithium ion, nickel cadmium, and nickel metal hydride. Each of the batteries 1254 may be comprised of one or more cells.
The battery fuel gauge 1256 may be configured to measure battery parameters such as current, voltage, and temperature. In some configurations, the battery fuel gauge 1256 is configured to measure the effect of the discharge rate of the battery, temperature, age, and other factors for predicting remaining life within a certain percentage of error. In some configurations, the battery fuel gauge 1256 provides measurements to an application that is configured to utilize the measurements to present useful power management data to a user. The power management data may include one or more of the following: percentage of used battery, percentage of remaining battery, battery condition, remaining time, remaining capacity (e.g., in watts), current draw, and voltage.
The power supply assembly 1212 may also include a power connector (not shown), which may be combined with one or more of the aforementioned I/O assemblies 1210. The power supply component 1212 may interface with an external power system or charging device via the power I/O component. Other configurations may also be used.
The disclosure presented herein also includes the subject matter set forth in the following clauses:
Clause 2. the computer-implemented method of clause 1, wherein the request for the facet received from the service client comprises data identifying the resource and a unique Identifier (ID) associated with the second network service.
Clause 3. the computer-implemented method of clauses 1-2, wherein the second network service is operating in a second network different from the first network, and wherein identifying the network address of the second network service API exposed by the second network service comprises retrieving a previously stored callback Uniform Resource Locator (URL) for the second network service with the unique ID associated with the second network service.
Clause 4. the computer-implemented method of clauses 1-3, wherein the second network service registers with the first network service by providing the callback URL and the unique ID to the first network service.
Clause 5. the computer-implemented method of clauses 1-4, wherein identifying the network address of the second network service API exposed by the second network service comprises: obtaining a Uniform Resource Identifier (URI) template for the second web service using the unique ID associated with the second web service; and parsing the URI template to generate the network address of the second web service API exposed by the second web service.
Clause 6. the computer-implemented method of clauses 1-5, wherein the second web service registers with the first web service by providing the first web service with a URI template and a unique ID.
Clause 7. the computer-implemented method of clauses 1-6, further comprising: receiving, by the first network service, a request for information about the facet, the request for information about the facet including a unique Identifier (ID) associated with the second network service; obtaining the information about the facet using a unique ID associated with the second network service; and returning the information about the facet in response to the request for information.
Clause 8. the computer-implemented method of clauses 1-7, further comprising: receiving, by the first network service, a request for data identifying a facet associated with a resource in a graph, the request including data identifying a location of the resource in the graph; and returning data identifying a facet associated with a resource in the graph in response to the request for data.
Clause 9. the computer-implemented method of clauses 1-8, wherein the first service is located in a first geographic location, wherein the second service is located in a second geographic location, and wherein the service client is located in a third geographic location.
Clause 10. an apparatus, comprising: one or more processors; and at least one computer storage medium having computer-executable instructions stored thereon, wherein the computer-executable instructions, when executed by the one or more processors, cause the apparatus to: the method includes receiving, from a service client, a request for a facet of a resource in a graph via a first network service Application Program Interface (API) provided by a first network service operating in a first network, identifying a network address of a second network service API exposed by a second network service registered with the first network service to provide the facet, and providing a response to the request received from the service client, the response including an indication to the service client for performing a redirection to the network address of the second network service API exposed by the second network service for obtaining the facet.
Clause 11. the apparatus of clause 10, wherein the request for the facet received from the service client comprises data identifying a location in the graph of the resource and a unique Identifier (ID) associated with the second network service, and wherein identifying the network address of the second network service API exposed by the second network service comprises retrieving a previously stored callback Uniform Resource Locator (URL) for the second network service with the unique ID associated with the second network service.
Clause 12. the apparatus of clauses 10-11, wherein the second network service registers with the first network service by providing a callback URL and a unique ID to the first network service.
Clause 13. the apparatus of clauses 10-12, wherein the request for the facet received from the service client comprises data identifying a location in the graph of the resource and a unique Identifier (ID) associated with a second network service, and wherein identifying the network address of the second network service API exposed by the second network service comprises: obtaining a Uniform Resource Identifier (URI) template for the second web service using the unique ID associated with the second web service; and parsing the URI template to generate the network address of the second web service API exposed by the second web service.
Clause 14. the apparatus of clauses 10-13, wherein the second web service is registered with the first web service by providing a URI template and a unique ID to the first web service.
Clause 15. the apparatus of clauses 10-14, wherein the first service is further configured to: sending a request for the facet to the second network service, the request including an authentication token for the second network service; receiving the facet from the second network service; and providing a reply to the request for the facet to the service client, the reply including the facet and additional information for the resource in the graph obtained from one or more other network services operating in the first network.
Clause 16. a computer-readable storage medium having computer-executable instructions stored thereon, wherein the computer-executable instructions, when executed by one or more processors, cause the processors to perform the following: the method includes receiving, from a service client, a request for a facet of a resource in a graph via a first network service Application Program Interface (API) provided by a first network service operating in a first network, identifying a network address of a second network service API exposed by a second network service registered with the first network service to provide the facet, and providing a response to the request received from the service client, the response including an indication to the service client for performing a redirection to the network address of the second network service API exposed by the second network service for obtaining the facet.
Clause 17. the computer-readable storage medium of clause 16, wherein the request for the facet received from the service client comprises data identifying a location in the graph of the resource and a unique Identifier (ID) associated with the second network service, and wherein identifying the network address of the second network service API exposed by the second network service comprises retrieving a previously stored callback Uniform Resource Locator (URL) for the second network service with the unique ID associated with the second network service.
Clause 18. the computer-readable storage medium of clauses 16-17, wherein the second network service registers with the first network service by providing a callback URL and a unique ID to the first network service.
Clause 19. the computer-readable storage medium of clauses 16-18, wherein the request for the facet received from the service client comprises data identifying a location in the graph of the resource and a unique Identifier (ID) associated with a second network service, and wherein identifying the network address of the second network service API exposed by the second network service comprises: obtaining a Uniform Resource Identifier (URI) template for the second web service using the unique ID associated with the second web service; and parsing the URI template to generate the network address of the second web service API exposed by the second web service.
Clause 20. the computer-readable storage medium of clauses 16-19, wherein the second web service is registered with the first web service by providing a URI template and a unique ID to the first web service.
Based on the foregoing, it should be appreciated that concepts and technologies have been disclosed herein that provide for application-automatic routing for converting data items to new data formats. Although the subject matter presented herein has been described in language specific to computer structural features, methodological and transformative acts, specific computing machinery, and computer readable media, it is to be understood that the invention defined in the appended claims is not necessarily limited to the specific features, acts, or media described herein. Rather, the specific features, acts and mediums are disclosed as example forms of implementing the claims.
The subject matter described hereinabove is provided by way of illustration only and should not be construed as limiting. Various modifications and changes may be made to the subject matter described herein without following the example configurations and applications illustrated and described, and without departing from the true scope of the present invention, which is set forth in the following claims.
Claims (15)
1. A computer-implemented method for integrating a first network service with a second network service, the first network service being a federated graph provider service and the second network service being a federated facet provider service, comprising:
receiving a request for a facet of a resource in a graph from a service client via a first web service Application Program Interface (API), the first web service API being provided by the first web service operating in a first network;
identifying a network address of a second network service API exposed by the second network service registering with the first network service to provide the facet;
obtaining, by the first network service, an authentication token for use in authenticating with the second network service; and
providing a response to the request received from the service client, the response including the authentication token and an indication to the service client to perform a redirection to the network address of the second network service API exposed by the second network service for obtaining the facet using the authentication token authenticated to the second network service.
2. The computer-implemented method of claim 1, wherein the request for the facet received from the service client comprises data identifying the resource and a unique Identifier (ID) associated with the second network service.
3. The computer-implemented method of claim 2, wherein the second network service operates in a second network different from the first network, and wherein identifying the network address of the second network service API exposed by the second network service comprises retrieving a previously stored callback Uniform Resource Locator (URL) for the second network service with the unique ID associated with the second network service.
4. The computer-implemented method of claim 3, wherein the second network service registers with the first network service by providing the callback URL and the unique ID to the first network service.
5. The computer-implemented method of claim 2, wherein identifying the network address of the second network service API exposed by the second network service comprises:
obtaining a Uniform Resource Identifier (URI) template for the second web service using the unique ID associated with the second web service; and
Parsing the URI template to generate the network address of the second web service API exposed by the second web service.
6. The computer-implemented method of claim 1, further comprising:
receiving, by the first network service, a request for information about the facet, the request for information about the facet including a unique Identifier (ID) associated with the second network service;
obtaining the information about the facet using a unique ID associated with the second network service; and
returning the information about the facet in response to the request for information.
7. The computer-implemented method of claim 1, further comprising:
receiving, by the first network service, a request for data identifying a facet associated with the resource in the graph, the request including data identifying a location of the resource in the graph; and
returning data identifying the facets associated with the resources in the graph in response to the request for data.
8. An apparatus for integrating a first network service with a second network service, the first network service being a federated graph provider service and the second network service being a federated facet provider service, comprising:
One or more processors; and
at least one computer storage medium having computer-executable instructions stored thereon, wherein the computer-executable instructions, when executed by the one or more processors, cause the apparatus to:
receiving a request from a service client for a facet of a resource in a graph via a first web service Application Program Interface (API) provided by the first web service operating in a first network,
identifying a network address of a second network service API exposed by the second network service registering with the first network service to provide the facet,
obtaining an authentication token for use in authenticating to the second network service by the first network service, an
Providing a response to the request received from the service client, the response including the authentication token and an indication to the service client to perform a redirection to the network address of the second network service API exposed by the second network service for obtaining the facet using the authentication token authenticated to the second network service.
9. The apparatus of claim 8, wherein the request for the facet received from the service client comprises data identifying a location in the graph of the resource and a unique Identifier (ID) associated with the second network service, and wherein identifying the network address of the second network service API exposed by the second network service comprises retrieving a previously stored callback Uniform Resource Locator (URL) for the second network service with the unique ID associated with the second network service.
10. The apparatus of claim 9, wherein the second network service registers with the first network service by providing the callback URL and the unique ID to the first network service.
11. The apparatus of claim 8, wherein the request for the facet received from the service client comprises data identifying a location in the graph of the resource and a unique Identifier (ID) associated with a second network service, and wherein identifying the network address of the second network service API exposed by the second network service comprises:
Obtaining a Uniform Resource Identifier (URI) template for the second web service using the unique ID associated with the second web service; and
parsing the URI template to generate the network address of the second web service API exposed by the second web service.
12. The apparatus of claim 8, wherein the first network service is further configured to:
sending a request for the facet to the second network service, the request including an authentication token for the second network service;
receiving the facet from the second network service; and
providing, to the service client, a reply to the request for the facet, the reply including the facet and additional information for the resource in the graph obtained from one or more other network services operating in the first network.
13. A computer-readable storage medium having computer-executable instructions stored thereon, which, when executed by one or more processors, cause the processors to perform a method for integrating a first network service with a second network service, the first network service being a federated graph provider service and the second network service being a federated facet provider service, the method comprising:
Receiving a request from a service client for a facet of a resource in a graph via a first web service Application Program Interface (API) provided by the first web service operating in a first network,
identifying a network address of a second network service API exposed by the second network service registering with the first network service to provide the facet,
obtaining an authentication token for use in authenticating to the second network service by the first network service, an
Providing a response to the request received from the service client, the response including the authentication token and an indication to the service client to perform a redirection to the network address of the second network service API exposed by the second network service for obtaining the facet using the authentication token authenticated to the second network service.
14. The computer-readable storage medium of claim 13, wherein the request for the facet received from the service client comprises data identifying a location in the graph of the resource and a unique Identifier (ID) associated with the second network service, and wherein identifying the network address of the second network service API exposed by the second network service comprises retrieving a previously stored callback Uniform Resource Locator (URL) for the second network service with the unique ID associated with the second network service.
15. The computer-readable storage medium of claim 14, wherein the second network service registers with the first network service by providing the callback URL and the unique ID to the first network service.
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US14/954,539 US10050953B2 (en) | 2015-11-30 | 2015-11-30 | Extending a federated graph with third-party data and metadata |
| US14/954,539 | 2015-11-30 | ||
| PCT/US2016/062642 WO2017095651A1 (en) | 2015-11-30 | 2016-11-18 | Extending a federated graph with third-party data and metadata |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108292332A CN108292332A (en) | 2018-07-17 |
| CN108292332B true CN108292332B (en) | 2021-11-16 |
Family
ID=57485940
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201680069965.3A Active CN108292332B (en) | 2015-11-30 | 2016-11-18 | Extending federated graphs with third-party data and metadata |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US10050953B2 (en) |
| EP (1) | EP3384420B1 (en) |
| CN (1) | CN108292332B (en) |
| WO (1) | WO2017095651A1 (en) |
Families Citing this family (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10341862B2 (en) * | 2016-02-05 | 2019-07-02 | Verizon Patent And Licensing Inc. | Authenticating mobile devices |
| US10956467B1 (en) * | 2016-08-22 | 2021-03-23 | Jpmorgan Chase Bank, N.A. | Method and system for implementing a query tool for unstructured data files |
| US10567384B2 (en) * | 2017-08-25 | 2020-02-18 | Hewlett Packard Enterprise Development Lp | Verifying whether connectivity in a composed policy graph reflects a corresponding policy in input policy graphs |
| US11537931B2 (en) * | 2017-11-29 | 2022-12-27 | Google Llc | On-device machine learning platform to enable sharing of machine-learned models between applications |
| US11494348B2 (en) | 2018-06-11 | 2022-11-08 | Microsoft Technology Licensing, Llc | System and method for using object references as a data type |
| US11128624B2 (en) * | 2018-09-24 | 2021-09-21 | Salesforce.Com, Inc. | Systems, methods, and apparatuses for logging in to an external website from a cloud based computing environment |
| CN109324914B (en) * | 2018-09-26 | 2021-06-22 | 多点生活(成都)科技有限公司 | Service calling method, service calling device and central server |
| CN112910943B (en) * | 2019-12-04 | 2024-03-05 | 华为云计算技术有限公司 | Service providing method, device and system |
| US20220174485A1 (en) * | 2020-11-30 | 2022-06-02 | At&T Intellectual Property I, L.P. | Network application programming interface service for application guidance and control |
| US20220414246A1 (en) * | 2021-06-28 | 2022-12-29 | Dropbox, Inc. | Links as actors in a file system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1734413A (en) * | 2004-06-14 | 2006-02-15 | 株式会社理光 | Image forming apparatus, image forming method, and information processing apparatus |
| CN101242413A (en) * | 2008-01-30 | 2008-08-13 | 中国科学院计算技术研究所 | Service resource address acquisition system and method in multi-layer NAT network under one root |
| CN101997882A (en) * | 2009-08-13 | 2011-03-30 | 上海杉达学院 | Network service of mobile website for mobile terminal to visit |
Family Cites Families (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6912582B2 (en) | 2001-03-30 | 2005-06-28 | Microsoft Corporation | Service routing and web integration in a distributed multi-site user authentication system |
| EP1417574A1 (en) | 2001-08-14 | 2004-05-12 | Humana Inc | Web-based security with controlled access to data and resources |
| US7200657B2 (en) | 2002-10-01 | 2007-04-03 | International Business Machines Corporation | Autonomic provisioning of network-accessible service behaviors within a federated grid infrastructure |
| US7346923B2 (en) | 2003-11-21 | 2008-03-18 | International Business Machines Corporation | Federated identity management within a distributed portal server |
| US7467399B2 (en) | 2004-03-31 | 2008-12-16 | International Business Machines Corporation | Context-sensitive confidentiality within federated environments |
| US7672680B1 (en) | 2005-09-13 | 2010-03-02 | Sprint Communications Company L.P. | Web services architecture system and method |
| US7657639B2 (en) | 2006-07-21 | 2010-02-02 | International Business Machines Corporation | Method and system for identity provider migration using federated single-sign-on operation |
| WO2008111050A2 (en) * | 2007-03-09 | 2008-09-18 | Ghost, Inc. | A virtual identity system and method for web services |
| US8886817B2 (en) | 2008-05-22 | 2014-11-11 | Yahoo! Inc. | Federation and interoperability between social networks |
| EP2230595A1 (en) | 2009-03-20 | 2010-09-22 | EADS Deutschland GmbH | User interaction coordination in distributed unlike environments |
| US8990167B2 (en) | 2010-06-11 | 2015-03-24 | Microsoft Technology Licensing, Llc | Multi-faceted metadata storage |
| US20130091204A1 (en) | 2010-08-12 | 2013-04-11 | Joheem Loh | System and method of integrating various platforms and methods of using the same |
| US8965957B2 (en) | 2010-12-15 | 2015-02-24 | Sap Se | Service delivery framework |
| US9311462B1 (en) | 2011-03-04 | 2016-04-12 | Zynga Inc. | Cross platform social networking authentication system |
| US20130086669A1 (en) * | 2011-09-29 | 2013-04-04 | Oracle International Corporation | Mobile application, single sign-on management |
| US8844013B2 (en) * | 2011-10-04 | 2014-09-23 | Salesforce.Com, Inc. | Providing third party authentication in an on-demand service environment |
-
2015
- 2015-11-30 US US14/954,539 patent/US10050953B2/en active Active
-
2016
- 2016-11-18 EP EP16806400.4A patent/EP3384420B1/en active Active
- 2016-11-18 WO PCT/US2016/062642 patent/WO2017095651A1/en active Application Filing
- 2016-11-18 CN CN201680069965.3A patent/CN108292332B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1734413A (en) * | 2004-06-14 | 2006-02-15 | 株式会社理光 | Image forming apparatus, image forming method, and information processing apparatus |
| CN101242413A (en) * | 2008-01-30 | 2008-08-13 | 中国科学院计算技术研究所 | Service resource address acquisition system and method in multi-layer NAT network under one root |
| CN101997882A (en) * | 2009-08-13 | 2011-03-30 | 上海杉达学院 | Network service of mobile website for mobile terminal to visit |
Also Published As
| Publication number | Publication date |
|---|---|
| US20170155658A1 (en) | 2017-06-01 |
| WO2017095651A1 (en) | 2017-06-08 |
| CN108292332A (en) | 2018-07-17 |
| EP3384420B1 (en) | 2019-08-07 |
| EP3384420A1 (en) | 2018-10-10 |
| US10050953B2 (en) | 2018-08-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108292332B (en) | Extending federated graphs with third-party data and metadata | |
| CN112771831B (en) | Random number handler for single point sign-on authentication in reverse proxy solutions | |
| US10521251B2 (en) | Hosting application experiences within storage service viewers | |
| US11789689B2 (en) | Processing digital audio using audio processing plug-ins executing in a distributed computing environment | |
| US20180006983A1 (en) | Enhanced search filters for emails and email attachments in an electronic mailbox | |
| US20200287915A1 (en) | Automated generation and deployment of honey tokens in provisioned resources on a remote computer resource platform | |
| US11797481B2 (en) | Locating files using a durable and universal file identifier | |
| US10922388B2 (en) | Session control for client-side applications in proxy solutions | |
| CN107409084B (en) | Post-processing of messages | |
| EP4272416A1 (en) | Interim connections for providing secure communication of content between devices | |
| EP3436975A1 (en) | Generating a services application | |
| US20180034795A1 (en) | Simplified Configuration of Computing Devices for Use with Multiple Network Services | |
| US9734000B2 (en) | Seamless transitions between applications and devices | |
| US10191887B2 (en) | Context affinity in a remote scripting environment | |
| US11983261B2 (en) | Enhance single sign-on flow for secure computing resources | |
| US11539828B2 (en) | User interface process flow for posting content on a display device | |
| US20230239286A1 (en) | Dynamic attachment of secure properties to machine identity with digital certificates | |
| US20190163326A1 (en) | Suppressing the collection of activity data by an operating system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |